EARN IT Act Is Back, And It’s Still Terribly Destructive
from the the-monster-that-never-dies dept
Some politicians never learn. Congress has been trying to shove through the EARN IT Act for the past two sessions, and thankfully it’s failed both times. But, now it’s back. Kinda. Far be it for the politicians looking to destroy the internet and encryption that keeps us safe to actually reveal the latest version of EARN IT so that the public can review it. They haven’t done that. Instead, they’ve just announced that the still unreleased bill will be marked up on Thursday (though, as I understand how the Senate Judiciary Committee works, this almost certainly means the actual markup will be next Thursday — don’t ask me why, but they seem to always announce a markup and calendar it a week early, and then “hold it over” to do the actual markup a week later).
For what it’s worth, someone slipped me a copy of the latest draft (thank you, friend) and it’s got all the same problems as the bill from last session. Specifically, it includes what appears to be nearly identical misleading language from the last EARN IT regarding encryption. It includes language that pretends that it is not an attack on encryption, because it says the use of encryption shall not be “an independent basis for liability.”
Of course, that doesn’t mean it can’t be considered with some other factor. Even worse, in the next section, it wipes away the entire preceding section anyway by saying that nothing in that paragraph “shall be construed to prohibit a court from considering evidence of actions or circumstances described in that subparagraph if the evidence is otherwise admissible.”
In other words, under EARN IT, encrypting content and messages is a liability. The only thing the bill limits is the finding of liability just for encryption alone. However, as long as anyone argues some other factor, they can then bolt on encryption and say that the use of encryption supports the argument that the service is up to no good.
I mean, it’s kinda funny that they still even include the language pretending this doesn’t touch encryption, considering that sponsor Senator Richard Blumenthal admitted in an interview last year that the point of the bill was totally to target services that use encryption.
I’m not going to go through the details of all of the many reasons this is bad and dangerous. We’ve done that before. Suffice it to say this bill is an attack on encryption and the open internet. It will actually make law enforcement’s job way harder in tracking down purveyors of CSAM by making important evidence inadmissible. The entire approach of the bill seems to misunderstand basically everything about the internet, encryption, intermediary liability law, and how CSAM reporting currently works. No matter what problem EARN IT claims it’s trying to fix, it won’t actually fix them.
The premise of the bill assumes that companies aren’t reporting the child sex abuse material (CSAM) they find, but there’s little to no evidence to support that claim, and the law already requires them to report it. The problem seems to be that law enforcement isn’t doing much with that information. But magically adding liability to websites won’t fix any of that, and just makes it more difficult to collect the necessary evidence in a constitutional manner.
Filed Under: csam, earn it, encryption, intermediary liability, lindsey graham, richard blumenthal, senate
Comments on “EARN IT Act Is Back, And It’s Still Terribly Destructive”
I find it funny.
Bills like this, whatever other bill Durbin is cooking up, and the Online Safety Bill all share one fundamental center.
It’s a tacit admission that they have given up the pretense of people having private conversations. All chats must be surveilled and in the case of EARN IT, have given up on the idea of collecting evidence in accordance with the constitution deciding that’s too hard and want to make LE’s job easier even if it’ll most likely backfire.
And they know it because they’re going to strong-arm tech companies into doing the surveilling and gambling that it won’t be considered the government exerting it’s will on companies.
Re:
What I suspect they’ll do to get EARN IT approved is the same gambit they did for SOPA and FOSTA. Identify a website as a hive of villainy, destroy it using a combination of existing law and friendly judges willing to look the other way or accept backroom deals, and then use it as justification for why the new law is needed. In which case, we’d need to be pretty vigilant. SOPA failed but FOSTA succeeded, and the net result was two major websites going down either way.
Re: Re:
“and the net result was two major websites going down either way”
…and, it must be noted, either zero effect on the issue being “addressed”, or even making the problem worse and/or harder to investigate.
It would be one thing if this were just a scorched earth policy where taking down CSAM were considered to be something that has inevitable collateral damage, and lawmakers considered the damage to be acceptable in face of fighting the greater battle. It’s quite another when it fails at its stated aim and makes it easier for actual abusers to hide.
Re: Re: Re:
And after the fact, the trolls who screamed in support of those laws insisted that the website takedowns were due to the existence of a law that hadn’t even been approved when the takedowns happened. They then spammed the articles Techdirt put out, desperately hoping no one would catch them on their contradictions.
Re:
This is the other bill I bet durbin is pairing with earn it to prevent anyone from opposing it this time, the stop CSAM act which is being considered the same day as earn it.
https://www.durbin.senate.gov/imo/media/doc/STOP%20CSAM%20Act%20of%202023.pdf
Wait, A Marking Session Already?
That’s odd. Don’t they have to introduce the bill to the house/senate and then mark it? This is extremely scummy.
Re:
The fact it’s not even been announced outside of an upcoming Judiciary Committee markup session is a telling sign they KNOW it’s unpopular.
Same for this other bill Dick Durbin is marking up that is likely to be just as bad if not worse than EARN IT.
Re: Re:
What happens after markup? Does it go to the Senate floor?
Re: Re: Re:
It usually takes a while for a bill to go from markup to a senate vote. But don’t worry, Earn It was defeated before and we can defeat it again if we make enough noise.
I see a problem
In that when the bill itself Seems to be able to be read by a 6th grader.
This really seems like Someone wants this to be BARE of any surplus data.
No restrictions, no protections, Not Much of anything. Which MEANS this is a fallback law, that sits on the books, and never used UNTIL THEY WANT TO. And in Any fashion they want.
It's everywhere
US: EARN IT Act
UK: Online Safety Bill
EU: Digital Services Act
In Russia and China it’s also the same (Cybersecurity Laws).
This multipolar world order talk is just an illusion, Russia and China are the furthest with CBDCs (see Central Bank Digital Currency Tracker).
The Dark Web
When huge chunks of the internet start getting completely shut down by laws like this (Canada will do the same with the Online Harms Bill – yet to be tabled, but coming), I guess we’ll start seeing an explosion of popularity on the dark web.
I liked to think that there was every reason to believe the future is bright with the internet as more and more find ways of being innovative, but it just seems like a constant barrage of these laws will eventually push their way through and basically end a lot of the internet we know today. It’s getting… difficult to be optimistic as time moves on.
Re:
Residing on the dark web is my plan, I have zero intention of complying with this law. I rather side with the “criminals” over my “morally superior” government.
Re: You would think
That a democracy would be based on the many over the few.
But when $1 is a representation of 1 vote. WE SEEM to have a problem.
it makes no difference how terrible these proposed new laws are or however much the people or concerned companies point out the flaws , trying to stop the implementation. those who propose will continue to push to get them into law because:
#a) they are paid to do the bidding of those who will benefit the most from that implentation and
b)because they dont give a flyin’ fuck about how the public, in particular, or the complaining companies are affected. in other words, their corruption payments are far more important than what the after effects are! absolutely disgraceful! and the USA complains about corruption in other countries? looking in it’s own backyard should be the first place!!
If they want information about the exploitation of children why don’t they simply ask themselves?
This is those in power trying to control a new technology, just like back in the day, censorship was those in power trying to control the printing press.
I’m confused … what am I supposed to earn now?
Funny how the titles they put upon these things are usually 180 out from what actually occurs as a result of the legislation. Liars gonna lie.
Re:
The name is a misnomer to the original version of the bill that would’ve had tech companies comply with a mandatory set of “best practices” and certify to “earn” their CDA 230 protections.
That was taken out but the name remains even though there’s nothing to earn. It’s just strips them of CDA 230 protections wholesale.
Does anyone think that lawmakers would rethink proposing bills that would harm the free and open Internet if the tech industry threatened to permanently defund politicians and back challengers who won’t try to jam through laws that harm the tech industry in the ways being proposed or passed?
Is it more or less likely to pass this time?
Re:
Too early to say. Congress has it’s hands full at the moment with the debt ceiling and such.
Re:
According to a post on r/privacy and what blumenthal himself has said concerning the kids online safety act the timeline is to pass earn it, stop csam and the kids online safety act sometime during the summer, probably before their august recess since “election season” begins in september so likely late june/july.
congress is going to do a “child safety week” in june to make all opposed voices look negative to ensure passage.
The lemmings (americans) are stupid and afraid and congress desperately wants censorship so I believe this is the year these disaster bills pass unless google and other big tech corps start lobbying hard and I don’t see signs of that.
Re: Re:
It may be very hard to pass them in such a short time, they would have to pass both houses and that unlikely.
What I find hilarious about this is how the government believes that bills like this will actually work. Encryption is specifically designed to ensure that an outsider has no way of decerning it from random garbage. So there really isn’t a way of “detecting” that encryption is being used without putting malware on every computer, and absolutely nobody is gonna tolerate that. Also, doesn’t this bill have major constitutional violations that would make it get tossed out anyway?
Re:
Not true as you describe it, as Internet traffic is only used for real purposes. It does work in a naval system, where shore stations continuously transmit, filling the gaps between messages with random data.
Re:
Possibly. It violates several amendments. Particularly involving free speech, searches and seizures because (and Blummenthal has admitted it) it HEAVILY incentivizes platforms to scan everything sans warrant which risks any evidence found being suppressed because the government clearly was applying pressure, and the lowered standard of recklessness risks being voided for vagueness.
Their concern for children seems to be very limited as snap is debated again.
Can we stop this or do you think it will pass? Another question: Is this thing reintroduced or not? I find it really confusing that there is no information about the status of this bill.
Re:
Too early to say. Shumer who is Senate Majority leader wants some kind of action on kids privacy this summer. Yes it is being reintroduced but the two butt brothers are being sneaky by not announcing the bill outside of an upcoming markup session and hasn’t even been assigned a number yet.
This comment has been flagged by the community. Click here to show it.
Nice post by the way. I loved the article very much. It was so informative and interesting
Confused
I’m just a little confused though, we know that the same co sponsors of the bill are reintroducing it and everything but why is no one talking about the two house representatives introducing the EarnIt act as well? I thought you could only introduce a bill in only one house
Re:
It’s a companion bill and they’re not uncommon. The idea is that both versions pass their respective chamber then if there are differences between the two, they get combined into one bill then has to pass the House and Senate again.
This is the second time they’ve done this where they’ve introduced a House version of EARN IT which actually further watered down whatever good was in it and the Senate version adopted it’s language when it was reintroduced in 2022.
Re: Re:
Oh ok I see thanks